package com.tang.framework.component.security;

import com.tang.framework.component.TokenService;
import com.tang.framework.core.model.LoginUser;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;

import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;

@Component(value = "as")
public class AuthorizeService {

    @Resource
    private TokenService tokenService;

    @Resource
    private HttpServletRequest request;

    public Boolean hasPermission(String permission) {
        if ("any".equals(permission)) {
            return true;
        }
        LoginUser loginUser = tokenService.getLoginUser(request);
        for (GrantedAuthority grantedAuthority : loginUser.getAuthorities()) {
            if (grantedAuthority.getAuthority().equals(permission)) {
                return true;
            }
        }

        return false;
    }
}
